Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.
Remediation
References
Related Vulnerabilities
PostgreSQL CVE-2018-1058 Vulnerability (CVE-2018-1058)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3742)
WordPress Plugin PowerPress Podcasting by Blubrry Multiple Vulnerabilities (8.4.4)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098)
WordPress Plugin CF7 Manual Spam Blocker Privilege Escalation (1.0)